Abstract
The objective of this study is to discover how to maximise the use of health research data without breaching the patient’s confidentiality. To achieve this, we have examined available options identified in enhancing information security of health research data. It has been noted that there are gaps in information security for health research data. Our novel approach, searching through encrypted data is discussed in this paper.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
References
Abdalla, M., Bellare, M., Catalano, D., Kiltz, E., Kohno, T., Lange, T., Malone-Lee, J., Neven, G., Paillier, P., and Shi, H., Searchable Encryption Revisited: Consistency Properties, Relation to Anonymous IBE, and Extensions, Proceedings of Crypto 2005 (to appear), 2005.
Australian Medical Council, Legal, ethical and organisational aspects of the practice of medicine. In: Anthology of Medical Conditions, Marshall, V. C. et al. (ed.), Australian Medical Council Incorporated, 2003.
Baek, J., Safavi-Naini, R., and Susilo, W., Public Key Encryption with Keyword Search Revisited. http://eprint.iacr.org/2005/191, 2005.
Baek, J., Safavi-Naini, R., and Susilo, W., On the integration of public key data encryption and public key encryption with keyword search. The 9th Information Security Conference, ISC 2006, Lecture Notes in Computer Science, Springer-Verlag, Berlin, 2006.
Behlen, F. M., and Johnson, S. B., Multicenter patient records research: Security policies and tools. J. Am. Med. Inform. Assoc. 6(6):435-443, 1999.
Boneh, D., Crescenzo, G. D., Ostrovsky, R., and Persiano, G., Searchable Public Key Encryption. http://eprint.iacr.org/2003/195, 2003.
Boneh, D., and Fraklin, M., Identity-based encryption from the Weil pairing. Proceedings of Crypto 2001, Springer-Verlag, pp. 213–229, 2001.
Carney, P.A., Geller, B. M., Moffett, H., Ganger, M., Sewell, M., Barlow, W. E., Stalnaker, N., Taplin, S. H., Sisk, C., Ernster, V., Wilkie, H. A., Yankaskas, B., Poplack, S.P., Urban, N., West, M. M., Rosenberg, R. D., Michael, S., Mercurio, T. D., and Ballard-Barbash, R., Current medicolegal and confidentiality issues in large, multicenter research programs. Am. J. Epidemiol. 152(4):371–378, 2000.
Dreiseitl, S., Vinterbo, S., and Ohno-Machado, L., Disambiguation data: Extracting information from anonymized sources. J. Am. Med. Inform. Assoc. 9(6):110–114, 2002.
Dudeck, J., Informed consent for cancer registration. Lancet Oncol. 2:8-9, 2001.
Evans, B., and Ramay, C. N., Integrity of communicable disease surveillance is important patient care. Brit. Med. J. 322:858, 2001.
Gritzalis, D., and Lambrinoudakis, C., A security architecture for interconnecting health information systems. Int. J. Med. Inform. 73:305-309, 2004.
Health Records and Information Privacy Act 2002, New South Wales.
Ingelfinger, J. R., and Drazen, J. M., Registry research and medical privacy. New Engl. J. Med. 350(14):1452, 2004.
Lowrance, W., Learning from experience: privacy and the secondary use of data in health research. J. Health Serv. Res. Policy 8(supp 1):S1:2–7, 2003.
Muralidhar, K., and Sarathy, R., Can you have your cake and eat it too? Sharing healthcare data without compromising privacy and confidentiality. In: Proceedings of the 11th Americas Conference on Information Systems. Omaha, NE, 2005.
Ohno-Machado, L., Silveira, P. S. P., and Vinterbo, S., Protecting patient privacy by quantifiable control of disclosures in disseminated databases. Int. J Med. Inform. 73:599–606, 2004.
Quantin, C., Allaert, F.-A., and Dusserre, L., Anonymous statistical methods versus cryptographic methods in epidemiology. Int. J. Med. Inform. 60:177–183, 2000.
Roberts, L., and Wilson, S., Argument for consent may invalidate research and stigmatize some patients. Brit. Med. J. 322:858(1 page), 2001.
Song, D. X., Wagner, D., and Perrig, A., Practical techniques for searches on encrypted data. IEEE Symposium on Security and Privacy, pp. 44–55, 2000.
Willison, D. J., Keshavjee, K., Nair, K., Goldsmith, C., and Holbrook, A. M., Patients’ consent preferences for research uses of information in electronic medical records: Interview and survey data. BMJ 326:373-376, 2003.
Win, K. T., Information security of electronic health record systems. Health Inform. Manage. J. 34(1), 13–18, 2005.
Author information
Authors and Affiliations
Corresponding author
Additional information
Willy Susilo received a Ph.D. in Computer Science from University of Wollongong, Australia. He is currently an Associate Professor at the School of Information Technology and Computer Science of the University of Wollongong. He is the coordinator of Network Security Research Laboratory at the University of Wollongong. His research interests include cryptography, information security, computer security and network security. His main contribution is in the area of digital signature schemes, in particular fail-stop signature schemes and short signature schemes. He is a member of the IACR (International Association for Cryptologic Research).
Khin Than Win is a Senior Lecturer in the School of Information Technology and Computer Science, University of Wollongong, Australia. She is a Medical Doctor with a PhD in health informatics. Her research interests are in issues related to electronic health record systems and quality and safety in healthcare. She teaches health informatics subjects and supervises several honours and post graduate research students in health informatics.
Rights and permissions
About this article
Cite this article
Susilo, W., Win, K.T. Security and Access of Health Research Data. J Med Syst 31, 103–107 (2007). https://doi.org/10.1007/s10916-006-9035-y
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s10916-006-9035-y